近年來，網路安全問題日益嚴重，遂衍生出一個可用以支援網路安全相關研究專屬的測試平台的需求性。有鑑於此，國立成功大學資通安全研究與教學中心(TWISC@NCKU)從美國Utah大學引進Emulab系統軟體。在團隊的努力並參考其建置經驗下，我們使用Emulab系統軟體與國產硬體設備，經過「軟體架構分析」、「整體環境規劃」、「硬體與軟體的整合」等過程，最後完成「新一代網路安全測試平台Testbed@TWISC」的建置。
此系統可自動化地建構出真實的網路與主機環境，使用者可在全世界各地透過遠端連線的方式登入Testbed@TWISC系統，並透過系統中的圖形化介面(Web-GUI)，真實建立實驗時所需要的主機(Host)環境與網路拓樸(Network Topology)。當網路與主機環境建立完成後，使用者遂可進行實驗。
除了引進此軟體系統外，我們也配合國內硬體廠商自行研發出「環境監控管理系統」，並整合其進入Testbed@TWISC系統內，此系統可即時監控整體環境與設備狀況，對於往後設備採購及系統分析上亦有很大的幫助。未來除了提供使用者更穩定的
網路測試環境外，也希望能朝以下兩點繼續發展：
(1)除繼續擴建其規模外，交通大學與中央研究院目前也規劃引進Emulab系統技術並逐步建置。我們希望屆時可仿照DETERlab，利用IPSec技術串連三個平台的資源，建立大規模且橫跨網際網路的實驗環境。
(2)當Testbed@TWISC系統在發展至一定規模時，我們希望能將部份實驗節點加入PlanetLab計劃中，共同為下一代網際網路發展打拼。

本論文中，以Testbed@TWISC系統的「軟體層面整合與部署」為研究方向。由於在未來擴充彈性與成本考量下，Testbed@TWISC採用整合Emulab軟體與國產硬體設備的方式來建行建置。然而，由於Emulab軟體本身與國產硬體設備不相容，加以其各組成元件與內部運作機制複雜，而安裝的說明文件亦有許多隱晦不明的地方，大大地增加了建置的難度。有鑑於此，為了減低建置的難度與時程，在本論文中，我們從軟體整合的角度來看，說明Testbed@TWISC在軟體部署過程中，實際遇到的問題及相應解決之道。除此之外，我們模塑出一個平台建置的一般性方法，期能為了解Emulab軟體系統內部運作與建置人員提供作為參考，並提供Testbed@TWISC朝向更具穩定、好用與高效能之測試平台為目標的一個實用之維運方式與藍圖。此系統建置過程包含「整體環境規劃」與「軟體層面整合」兩大部份，在這些規劃當中，我們真實的建立了Testbed@TWISC。本論文重點著重於「軟體層面整合」的研究，而「整體環境規劃」則是另一位伙伴 — 曾釋賢的研究議題 [42]。

In recent years, the emergence degree of increasing number of network security problems has become more severely; as a result, it is necessary to establish a dedicated testbed to support network security related research. In order to satisfy this need, Taiwan Information Security Center at National Cheng Kung University (TWISC@NCKU) introduced Emulab system software which developed by Flux Research Group at University of Utah. We started our construction by integration the Emulab system software with domestic-manufactured hardware facilities. After the process of “Planning on Overall Environment” and “Integration with Hardware and Software” with our team efforts and reference to Utha’s experience of testbed construction, we finally completed the construction of “the New Generation of Network Security Testbed — Testbed@TWISC.
This system can emulate real-world network and host environment by performing tesetbed facility allocation and configuration automatically. Users can login to the system by remote connection from anywhere around all over the world. When users expect to do some experimentation or tests, they can design their experiments of desired host environment and network topology through a Web-GUI. After the system finished the work of testbed facility allocation and configuration for the experiment, users can then perform their experiments, and access their designed host and network experiment environment in reality.
In addition to introducing this system from abroad, we also cooperated with the domestic hardware vendor to develop “Environmental Monitoring and Management System” and integrated it into Testbed@TWISC. This system is not only capable for monitoring the overall environment status and testbed facilities in real time, but also beneficial for the future facility procurement and systems analysis. In addition to providing users more reliable network testing environment, we plan to develop and extend Testbed@TWISC in the following two directions：
(1)In addition to our intend of expanding its scale, National Chiao Tung University (NCTU) and Academia Sinica, Republic of China (Taiwan) are also gradually introducing Emulab system technology and planning to construct it. We plan to use IPSec technology to combine resources of three testbeds and build a more large-scale experimental network environment across Internet just like the DETERlab case.

(2)When Testbed@TWISC develops to certain degree of scale, we hope to make partial nodes in Testbed@TWISC to be jointly added into PlanetLab project, in order to cooperate with International and contribute to the development of next generation Internet.
In this thesis, we focus on “Integration and Deployment on Software Aspect”. Due to the concerns of future extensibility and cost efficiency, Testbed@TWISC adopted the strategy that integrating Emulab software with domestic-manufactured hardware facilities as the construction approach. Nevertheless, since the nature that Emulab software is instinctively incompatible with our domestic-manufactured hardware facilities, and its complexity of software components and internal operation mechanism, moreover, many obscure passage or implicit description in its setup documentation; as a result, greatly hinder our construction process.
Thus, in order to lower the hardship and decrease time expense on testbed construction, we took from the viewpoint of software integration in this thesis, and describe the problems encountered in our practical deployment process with its corresponding countermeasure mentioned. Besides, we further proposed a generalized approach for committing Emulab-derived testbed construction in the hope that provide a reference of construction guideline and demystification of system operation to relevant construction staffs and testbed administrators. And also depict an affordable approach for the ultimate goal that evolving Testbed@TWISC towards a more reliable, usable and high-performance testbed — a quality network security testbed.
This system construction process mainly consists of two parts: the first part is ”Planning on Overall Environment” and the second is “Integration on Software Aspect”. Based on this planning, we completed to establish Testbed@TWISC. This thesis focus on “Integration on Software Aspect”, and “Planning on Overall Environment” is another cooperator — Shih-Hsien Tseng of the research topic.

Websites
[1] Crypto Lab